package org.codehaus.groovy.grails.plugins.springsecurity.ldap;

import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.codehaus.groovy.grails.plugins.springsecurity.GrailsUserDetailsService;
import org.codehaus.jackson.util.MinimalPrettyPrinter;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.ldap.core.ContextSource;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator;
import org.springframework.util.Assert;

/* loaded from: input_file:embedded.war:WEB-INF/classes/org/codehaus/groovy/grails/plugins/springsecurity/ldap/GrailsLdapAuthoritiesPopulator.class */
public class GrailsLdapAuthoritiesPopulator extends DefaultLdapAuthoritiesPopulator implements InitializingBean {
    private GrailsUserDetailsService _userDetailsService;
    private Boolean _retrieveDatabaseRoles;
    private String _rolePrefix;
    private String _roleStripPrefix;
    private String _roleStripSuffix;
    private boolean _roleConvertDashes;
    private boolean _roleToUpperCase;

    public GrailsLdapAuthoritiesPopulator(ContextSource contextSource, String str) {
        super(contextSource, str);
        this._rolePrefix = "ROLE_";
        this._roleConvertDashes = false;
        this._roleToUpperCase = false;
    }

    public GrantedAuthority cleanRole(GrantedAuthority grantedAuthority) {
        String str;
        if (!(grantedAuthority instanceof GrantedAuthorityImpl)) {
            return grantedAuthority;
        }
        GrantedAuthorityImpl grantedAuthorityImpl = (GrantedAuthorityImpl) grantedAuthority;
        if (this._roleConvertDashes && grantedAuthorityImpl.getAuthority().indexOf(45) > -1) {
            grantedAuthorityImpl = new GrantedAuthorityImpl(grantedAuthorityImpl.getAuthority().replaceAll("-", "_"));
        }
        if (this._roleToUpperCase && !grantedAuthorityImpl.getAuthority().toUpperCase().equals(grantedAuthorityImpl.getAuthority())) {
            grantedAuthorityImpl = new GrantedAuthorityImpl(grantedAuthorityImpl.getAuthority().toUpperCase());
        }
        if (this._roleStripPrefix != null && (str = this._rolePrefix + this._roleStripPrefix) != null && str.length() > 0 && grantedAuthorityImpl.getAuthority().indexOf(str) == 0 && grantedAuthorityImpl.getAuthority().length() > str.length()) {
            grantedAuthorityImpl = new GrantedAuthorityImpl(grantedAuthorityImpl.getAuthority().replace(str, this._rolePrefix).trim());
        }
        if (this._roleStripSuffix != null && this._roleStripSuffix != null && this._roleStripSuffix.length() > 0 && grantedAuthorityImpl.getAuthority().length() > this._roleStripSuffix.length() && grantedAuthorityImpl.getAuthority().endsWith(this._roleStripSuffix)) {
            grantedAuthorityImpl = new GrantedAuthorityImpl(grantedAuthorityImpl.getAuthority().substring(0, grantedAuthorityImpl.getAuthority().length() - this._roleStripSuffix.length()).trim());
        }
        if (grantedAuthorityImpl.getAuthority().indexOf(32) > -1) {
            grantedAuthorityImpl = new GrantedAuthorityImpl(grantedAuthorityImpl.getAuthority().replaceAll(MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR, "_"));
        }
        while (grantedAuthorityImpl.getAuthority().indexOf("__") > -1) {
            grantedAuthorityImpl = new GrantedAuthorityImpl(grantedAuthorityImpl.getAuthority().replaceAll("__", "_"));
        }
        return grantedAuthorityImpl;
    }

    @Override // org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
    public Set<GrantedAuthority> getGroupMembershipRoles(String str, String str2) {
        Set<GrantedAuthority> groupMembershipRoles = super.getGroupMembershipRoles(str, str2);
        HashSet hashSet = new HashSet();
        Iterator<GrantedAuthority> it = groupMembershipRoles.iterator();
        while (it.hasNext()) {
            hashSet.add(cleanRole(it.next()));
        }
        return hashSet;
    }

    @Override // org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
    protected Set<GrantedAuthority> getAdditionalRoles(DirContextOperations dirContextOperations, String str) {
        if (!this._retrieveDatabaseRoles.booleanValue()) {
            return null;
        }
        try {
            UserDetails loadUserByUsername = this._userDetailsService.loadUserByUsername(str, true);
            if (loadUserByUsername.getAuthorities() != null) {
                return new HashSet(loadUserByUsername.getAuthorities());
            }
            return null;
        } catch (UsernameNotFoundException e) {
            return null;
        }
    }

    public void setUserDetailsService(GrailsUserDetailsService grailsUserDetailsService) {
        this._userDetailsService = grailsUserDetailsService;
    }

    public void setRetrieveDatabaseRoles(boolean z) {
        this._retrieveDatabaseRoles = Boolean.valueOf(z);
    }

    private void updateRoleStripPrefix() {
        if (this._roleConvertDashes && this._roleStripPrefix != null && this._roleStripPrefix.indexOf(45) > -1) {
            this._roleStripPrefix = this._roleStripPrefix.replaceAll("-", "_");
        }
        if (!this._roleToUpperCase || this._roleStripPrefix == null || this._roleStripPrefix.toUpperCase().equals(this._roleStripPrefix)) {
            return;
        }
        this._roleStripPrefix = this._roleStripPrefix.toUpperCase();
    }

    private void updateRoleStripSuffix() {
        if (this._roleConvertDashes && this._roleStripSuffix != null && this._roleStripSuffix.indexOf(45) > -1) {
            this._roleStripSuffix = this._roleStripSuffix.replaceAll("-", "_");
        }
        if (!this._roleToUpperCase || this._roleStripSuffix == null || this._roleStripSuffix.toUpperCase().equals(this._roleStripSuffix)) {
            return;
        }
        this._roleStripSuffix = this._roleStripSuffix.toUpperCase();
    }

    @Override // org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator
    public void setRolePrefix(String str) {
        this._rolePrefix = str;
    }

    public void setRoleStripPrefix(String str) {
        this._roleStripPrefix = str;
        updateRoleStripPrefix();
    }

    public void setRoleStripSuffix(String str) {
        this._roleStripSuffix = str;
        updateRoleStripSuffix();
    }

    public void setRoleConvertDashes(boolean z) {
        this._roleConvertDashes = z;
        updateRoleStripPrefix();
        updateRoleStripSuffix();
    }

    public void setRoleToUpperCase(boolean z) {
        this._roleToUpperCase = z;
        updateRoleStripPrefix();
        updateRoleStripSuffix();
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        Assert.notNull(this._userDetailsService, "userDetailsService must be specified");
        Assert.notNull(this._retrieveDatabaseRoles, "retrieveDatabaseRoles must be specified");
    }
}
